JSR-250 also provides a few standard annotations that can be used for specifying method security. Spring Security, starting at version 3.0, supports these annotations.

You can enable JSR-250 by using the jsr250Enabled = true annotation in @EnableGlobalMethodSecurity:

@EnableGlobalMethodSecurity(jsr250Enabled = true)
@SpringBootApplication
public class SpringSecurityApplication {

@RolesAllowed is the JSR-250 annotation that is equivalent to @Secured:

@RolesAllowed("ROLE_ADMIN")
 public List<User> retrieveAllUsers() {
 // Your code
 }

@RolesAllowed allows multiple roles to be specified. Method execution is allowed if the user has any of the specified roles:

@RolesAllowed({"ROLE_ADMIN", "ROLE_USER"})
 public User retrieveUser(String userName) {
 // Your code
 }